[tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)
coderman
coderman at gmail.com
Tue Jan 12 14:58:23 UTC 2016
On 1/12/16, Tim Wilson-Brown - teor <teor2345 at gmail.com> wrote:
> ...
> The current tor implementation simply calls connect() if OutBoundBindAddress
> is not set for the destination address family.
> This means that the connection will be made from a source address based on
> the routing table entry for the destination address.
> Tor really doesn't have much control over this, it's an OS-level decision.
per https://trac.torproject.org/projects/tor/ticket/17975 however, it
might make sense to have a specific bind address for Exit traffic, in
addition to a general OutBoundBindAddress for OR-links. (as you allude
to below)
> We could set the default value of OutboundBindAddress(es) to the ORPort
> address(es), but this would override the OS's routing tables.
do NOT set a default for OutboundBindAddress ! it is intended as an
override, since the default behavior is usually desired and should be
kept as is.
> Of course, if the operator specifically configures an outbound address, or
> an outbound address for Exit traffic (#17975), that's a different matter -
> tor should obey explicit configuration directives.
this is the proper situation. only question is who would have a
compelling use for separating outbound OR connections and outbound
Exit traffic, as per #17975?
> I'm not sure that adding "exit" IP addresses to the consensus is that
> helpful, ...
do NOT ask for exit IP in consensus. it is not useful, not accurate,
wastes bandwidth, and fails in its intended purpose.
best regards,
More information about the tor-dev
mailing list